Major investments have been made in Europe in the migration toward EMV (the international interoperability standard for banking smart cards) and in the implementation of Chip and PIN.

Today, EMV migration and Chip & PIN continue to drive authentication solutions, since banks can re-leverage the considerable investment and use it for online security. 
 
The mass deployment of credit or debit EMV smart cards provides banks with the opportunity to authenticate cardholders in different “point of contact” situations, the EMV smart card being the base for a true banking ID verification, used for e-banking, e-commerce and m-commerce as well as in the retail payment and face to face transactions. Using EMV smart cards both reduce bank costs associated with fraud and enhance customer services providing a single, familiar and secure solution.
 
By adopting strong two-factor authentication based on the EMV chip infrastructure and using a pocket-sized EMV compliant smart card reader banks leverage the considerable investment made in chip card migration, and extend online authentication to cover other forms of card not present fraud.

Consumer confidence in online banking has grown rapidly in recent years.  Once limited to their local branches, customers are now embracing new technologies for their banking needs. A recent study by Lloyds TSB showed that over two-thirds of UK customers conduct the majority of their banking over the internet, which is a three-fold increase on 2005 figures.

However, customers’ deep-seated security fears remain one of the biggest barriers to the future growth of online banking, and with fraudsters targeting not only big brand banks but also a wider base of smaller financial institutions, these fears are not without merit.  
Consumer confidence is absolutely key to increased sales and as banks start to recognise the business benefits afforded by securing their online business – more transactions, less overheads – secure authentication will provide a point of differentiation among competitors. 

Despite the growing popularity of online banking, fraud within this particular channel remains a prime concern.  Indeed, the current trend for migration to EMV in many countries across the world has reduced the instances of fraud within cardholder present transactions, but increased the threat amongst other channels, including the internet.
A recent MasterCard survey revealed that three-quarters of consumers think that a personal RCA solution would help reduce fraud from Internet and phone-based transactions. In practice, banks can effectively leverage their RCA platforms not merely to reduce operational costs at individual branches but also increase the range of services offered.  

This is just the tip of the iceberg in terms of how remote card authentication solutions can broaden the range of services available to online banking customers.
In addition, solutions are already being developed that do more than just generate one-time-passwords or enable digital signature, bringing to market connectable smart card readers that allow consumers to store a variety of information on their smart card, including ship to/bill to addresses, phone numbers, store discounts and receipts, to name but a few.

RCA solutions are currently being trialled or deployed by a number of financial institutions worldwide in the fight against internet fraud.  In the UK and Belgium banks previously in pilot mode with the readers have since moved to the deployment stage. The UK market is particularly advanced, where major banks are now at the stage of considering their choice of supplier.  2007 will be the year when the first few million users receive two-factor authentication card readers for their online banking transactions. 

As 2006 has seen a rise in the popularity of online banking, so 2007 will see telephone-banking and m-commerce come into their own. Consequently, banks will need to deploy technology in order to authenticate customers on the telephone.  
 
The telephone is an increasingly significant transaction channel.  In the UK, for example, £23 billion worth of payments are made through the telephone, which accounts for 45% of all card-not-present payments. Due to the successful deployment of Chip and PIN however, there has been a 57% increase in UK direct telephone order fraud in the past year. Two-factor authentication technology will need to extend its remit to telephone payments in 2007 in order to combat this trend.

According to ratings agency, comScore Networks, last Christmas was a record year for online retailers with Germany leading the trend. According to the analysis (excluding travel and auction sites) Germans spent the most online during the holiday period — an estimated €5.4 billion from 30 October – 31 December 2006, while UK consumers spent an estimated €4.0 billion online during the same period, and the French spent an estimated €1.9 billion.  When we realise that US Christmas e-shoppers spent a staggering €24 billion during the same period, European consumers have some way to catch up their US counterparts!
 
As e-commerce shoppers become more experienced and more sophisticated however, so do their demands in terms of security. The anti-fraud credentials of organisations offering e-commerce transactions have never been under such intense scrutiny.
One knock-on effect of the highly successful EMV Chip and PIN rollout in the UK, for instance, is that consumers are now more aware and concerned about transaction fraud than ever before. Aware that any reluctance to bank online would jeopardise the significant investment and benefits from internet banking, banks across Europe are steadily investing in two-factor authentication for this process.

For online retailers, the rise of transaction fraud fear could have devastating consequences. Online retailers could find themselves being treated as little more than glorified search engines, used by consumers to research the goods they wish to buy but with the actual purchase being made physically on the high street. However, such a bleak outlook need not become a reality. In the same way that Chip and PIN has had a remarkable effect on cardholder present transactions, the smart card can just as easily be included within an e-commerce transaction where the cardholder is not present. However, the onus to make this happen lies with the banks.
 
Banks are ideally positioned to assume a leadership role in terms of protecting their online retail business customers. The fear of fraud is very real and the threat to e-commerce is apparent. If banks are going to safeguard their retail business customers’ interests then the use of two-factor authentication cannot be restricted to protecting a bank’s own internet banking channel. This leadership role could also extend to retailers who themselves can benefit from RCA solutions on their sites, enabling them to process card transactions online and via call centres securely. Last year, online theft during card purchases accounted for £117 million of the UK’s card-not-present fraud, and of this, the retailers themselves bore the greatest loss.